User and entity behavior analytics (UEBA) is a technology that analyzes the behavior of users and devices on a network to detect anomalies and threats. UEBA can help security teams identify and respond to malicious activities, such as insider threats, compromised accounts, data breaches, ransomware attacks, and more. In this article, we will briefly summarize the latest trends in UEBA and its potential transformation.
What is it: Agentless architecture refers to platforms and services that are built to run as cloud-native applications. They require no installation, patching, or other forms of long term upkeep on the part of a user. Why it matters: Agentless applications, especially agentless security applications have a lower total cost of ownership (TCO), in terms of man-hours saved in deployment, maintenance, and overhead.
On May 24, 2023, industry and government sources detailed China-nexus activity in which the threat actor dubbed Volt Typhoon targeted U.S.-based critical infrastructure entities. CrowdStrike Intelligence tracks this actor as VANGUARD PANDA. Since at least mid-2020, the CrowdStrike Falcon® Complete managed detection and response (MDR) team and the CrowdStrike® Falcon OverWatch™ threat hunting team have observed related historical activity in multiple sectors.
The upcoming cybersecurity regulations from the U.S. Securities and Exchange Commission (SEC) deliver a clear message: Cyber risk is a business risk. Slated to be finalized this fall, the regulations will directly link financial performance to cybersecurity through required public disclosures. If a company is hacked, it can affect the stock price, the market capitalization, and customer trust. That is why the SEC is paying attention and has proposed these vital regulations.
As part of our ongoing commitment to conducting original research and maintaining an up-to-date Hacker’s Playbook, the SafeBreach Labs team is dedicated to uncovering new threats. My recent research focused on searching for vulnerabilities and design issues in the API security domain in line with this objective. As a result, we discovered a security vulnerability in the popular HR information system (HRIS) platform called HiBob.
The latest version of the Common Vulnerability Scoring System, CVSS 4.0, entered its public preview phase at the 35th annual FIRST conference put on by FIRST, the Forum of Incident Response and Security Teams. An international confederation of computer incident response teams, FIRST writes the CVSS specification that plays such an important role in identifying and cataloging software and application vulnerabilities.
Is this suspicious network activity alert actually a sign of intrusion, or just another false positive? As the cybersecurity visibility gap widens, anyone who works in a security operations centre (SOC) is likely to ask themselves and their colleagues this question on a regular basis. Unfortunately, as analysts know, answering it is rarely straightforward.
21 CFR Part 11 is a set of regulations issued by the U.S. Food and Drug Administration (FDA) that establishes the criteria under which electronic records and signatures are considered trustworthy, reliable, and equivalent to paper records. In order to sell products in the United States, companies must demonstrate that their systems meet the standards set forth in Part 11. This can be a daunting task, as the requirements are numerous and detailed.
Ever wondered what lurks in the mysterious corners of the internet? Welcome to the dark web: an uncharted digital territory that’s inaccessible through regular search engines and is notorious for its association with illegal activities, like drug trafficking, firearm sales, and stolen data trading. How did this underworld come to be, and what risks does it pose to you and your business? Step into the shadows of the dark web, where anonymity reigns and practically anything is for sale.
